{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"cveId":"CVE-2021-22283","assignerOrgId":"2b718523-d88f-4f37-9bbd-300c20644bf9","state":"PUBLISHED","assignerShortName":"ABB","dateReserved":"2021-01-05T17:31:49.081Z","datePublished":"2023-02-28T04:21:41.776Z","dateUpdated":"2025-03-07T18:12:14.516Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","product":"Relion protection relays - 611 series","vendor":"ABB","versions":[{"lessThan":"2.0.3","status":"affected","version":"1.0.0","versionType":"firmware"}]},{"defaultStatus":"unaffected","product":"Relion protection relays - 615 series IEC 4.0 FP1","vendor":"ABB","versions":[{"lessThan":" 4.1.9","status":"affected","version":"4.1.0","versionType":"firmware"}]},{"defaultStatus":"unaffected","product":"Relion protection relays - 615 series CN 4.0 FP1","vendor":"ABB","versions":[{"lessThan":"4.1.8","status":"affected","version":"4.1.0","versionType":"firmware"}]},{"defaultStatus":"unaffected","product":"Relion protection relays - 615 series IEC 5.0","vendor":"ABB","versions":[{"lessThan":"5.0.12","status":"affected","version":"5.0.0","versionType":"firmware"}]},{"defaultStatus":"unaffected","product":"Relion protection relays - 615 series IEC 5.0 FP1","vendor":"ABB","versions":[{"lessThan":"5.1.20","status":"affected","version":"5.1.0","versionType":"firmware"}]},{"defaultStatus":"unaffected","product":"Relion protection relays - 620 series IEC/CN 2.0","vendor":"ABB","versions":[{"lessThan":"2.0.11","status":"affected","version":"2.0.0","versionType":"firmware"}]},{"defaultStatus":"unaffected","product":"Relion protection relays - 620 series IEC/CN 2.0 FP1","vendor":"ABB","versions":[{"lessThan":"2.1.15","status":"affected","version":"2.1.0","versionType":"firmware"}]},{"defaultStatus":"unaffected","product":"Relion protection relays - REX640 PCL1","vendor":"ABB","versions":[{"lessThan":"1.0.8","status":"affected","version":"1.0.0","versionType":"firmware"}]},{"defaultStatus":"unaffected","product":"Relion protection relays - REX640 PCL2","vendor":"ABB","versions":[{"lessThan":"1.1.4","status":"affected","version":"1.1.0","versionType":"firmware"}]},{"defaultStatus":"unaffected","product":"Relion protection relays - REX640 PCL3","vendor":"ABB","versions":[{"lessThan":"1.2.1","status":"affected","version":"1.2.0","versionType":"firmware"}]},{"defaultStatus":"unaffected","product":"Relion protection relays - RER615","vendor":"ABB","versions":[{"lessThan":"2.0.3","status":"affected","version":"2.0.0","versionType":"firmware"}]},{"defaultStatus":"unaffected","product":"Remote Monitoring and Control - REC615","vendor":"ABB","versions":[{"lessThan":"2.0.3","status":"affected","version":"1.0.0","versionType":"firmware"}]},{"defaultStatus":"unaffected","product":"Merging Unit- SMU615","vendor":"ABB","versions":[{"lessThan":"1.0.2","status":"affected","version":"1.0.0","versionType":"firmware"}]}],"datePublic":"2022-12-18T18:30:00.000Z","descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB Relion protection relays - 615 series IEC 5.0 FP1, ABB Relion protection relays - 620 series IEC/CN 2.0, ABB Relion protection relays - 620 series IEC/CN 2.0 FP1, ABB Relion protection relays - REX640 PCL1, ABB Relion protection relays - REX640 PCL2, ABB Relion protection relays - REX640 PCL3, ABB Relion protection relays - RER615, ABB Remote Monitoring and Control - REC615, ABB Merging Unit- SMU615 allows Communication Channel Manipulation.<p>This issue affects Relion protection relays - 611 series: from 1.0.0 before 2.0.3; Relion protection relays - 615 series IEC 4.0 FP1: from 4.1.0 before 4.1.9; Relion protection relays - 615 series CN 4.0 FP1: from 4.1.0 before 4.1.8; Relion protection relays - 615 series IEC 5.0: from 5.0.0 before 5.0.12; Relion protection relays - 615 series IEC 5.0 FP1: from 5.1.0 before 5.1.20; Relion protection relays - 620 series IEC/CN 2.0: from 2.0.0 before 2.0.11; Relion protection relays - 620 series IEC/CN 2.0 FP1: from 2.1.0 before 2.1.15; Relion protection relays - REX640 PCL1: from 1.0.0 before 1.0.8; Relion protection relays - REX640 PCL2: from 1.1.0 before 1.1.4; Relion protection relays - REX640 PCL3: from 1.2.0 before 1.2.1; Relion protection relays - RER615: from 2.0.0 before 2.0.3; Remote Monitoring and Control - REC615: from 1.0.0 before 2.0.3; Merging Unit- SMU615: from 1.0.0 before 1.0.2.</p>"}],"value":"Improper Initialization vulnerability in ABB Relion protection relays - 611 series, ABB Relion protection relays - 615 series IEC 4.0 FP1, ABB Relion protection relays - 615 series CN 4.0 FP1, ABB Relion protection relays - 615 series IEC 5.0, ABB Relion protection relays - 615 series IEC 5.0 FP1, ABB Relion protection relays - 620 series IEC/CN 2.0, ABB Relion protection relays - 620 series IEC/CN 2.0 FP1, ABB Relion protection relays - REX640 PCL1, ABB Relion protection relays - REX640 PCL2, ABB Relion protection relays - REX640 PCL3, ABB Relion protection relays - RER615, ABB Remote Monitoring and Control - REC615, ABB Merging Unit- SMU615 allows Communication Channel Manipulation.This issue affects Relion protection relays - 611 series: from 1.0.0 before 2.0.3; Relion protection relays - 615 series IEC 4.0 FP1: from 4.1.0 before 4.1.9; Relion protection relays - 615 series CN 4.0 FP1: from 4.1.0 before 4.1.8; Relion protection relays - 615 series IEC 5.0: from 5.0.0 before 5.0.12; Relion protection relays - 615 series IEC 5.0 FP1: from 5.1.0 before 5.1.20; Relion protection relays - 620 series IEC/CN 2.0: from 2.0.0 before 2.0.11; Relion protection relays - 620 series IEC/CN 2.0 FP1: from 2.1.0 before 2.1.15; Relion protection relays - REX640 PCL1: from 1.0.0 before 1.0.8; Relion protection relays - REX640 PCL2: from 1.1.0 before 1.1.4; Relion protection relays - REX640 PCL3: from 1.2.0 before 1.2.1; Relion protection relays - RER615: from 2.0.0 before 2.0.3; Remote Monitoring and Control - REC615: from 1.0.0 before 2.0.3; Merging Unit- SMU615: from 1.0.0 before 1.0.2.\n\n"}],"impacts":[{"capecId":"CAPEC-216","descriptions":[{"lang":"en","value":"CAPEC-216 Communication Channel Manipulation"}]}],"metrics":[{"cvssV3_1":{"attackComplexity":"LOW","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":6.2,"baseSeverity":"MEDIUM","confidentialityImpact":"NONE","integrityImpact":"NONE","privilegesRequired":"NONE","scope":"UNCHANGED","userInteraction":"NONE","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-665","description":"CWE-665 Improper Initialization","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"2b718523-d88f-4f37-9bbd-300c20644bf9","shortName":"ABB","dateUpdated":"2023-02-28T04:21:41.776Z"},"references":[{"url":"https://search.abb.com/library/Download.aspx?DocumentID=2NGA001147&LanguageCode=en&DocumentPartId=&Action=Launch"}],"source":{"discovery":"UNKNOWN"},"title":"MMS File Transfer Vulnerability impact on Distribution Automation products","x_generator":{"engine":"Vulnogram 0.1.0-dev"}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-03T18:37:18.488Z"},"title":"CVE Program Container","references":[{"url":"https://search.abb.com/library/Download.aspx?DocumentID=2NGA001147&LanguageCode=en&DocumentPartId=&Action=Launch","tags":["x_transferred"]}]},{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2025-03-07T18:11:58.860932Z","id":"CVE-2021-22283","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2025-03-07T18:12:14.516Z"}}]}}